Manager, Privacy & Data Security Compliance


HMH HOSPITALS CORPORATION Edison Requisition # 2021-97020 ShiftDay StatusFull Time with Benefits Weekend WorkNo Weekends Required HolidaysNo Holidays Required On CallNo On-Call Required Shift Hours8:30am - 5pm Address343 Thornall Street, Edison, 08837

View Saved

Overview

How have you impacted someone’s life today? At Hackensack Meridian Health our teams are focused on changing the lives of our patients by providing the highest level of care each and every day. From our hospitals, rehab centers and occupational health teams to our long-term care centers and at-home care capabilities, our complete spectrum of services will allow you to apply your skills in multiple settings while building your career all within New Jersey’s premier healthcare system.

The Manager, Privacy & Security Audit develops and implements a comprehensive audit plan designed to assure that systems, policies and procedures protect against unauthorized access, modification or destruction of Hackensack Meridian Health (HMH) information assets. This position is responsible for supporting the implementation of, managing and enforcing information privacy and security directives and compliance as mandated by HIPAA, the HITECH Act, and other applicable laws and regulations including prevention of intentional or inadvertent access, modification, disclosure, or destruction of records. Reviews and evaluates work of associates within and outside of the Compliance Division. Recommends and submits reports on identified corrections and controls in need of improvement.

Responsibilities

A day in the life of a Manager, Privacy & Security Compliance , at Hackensack Meridian Health includes:

  • Implements the audit plan, including routine monitoring of electronic medical record and other systems using appropriate security tools. Establishes and maintains a mechanism to monitor access to protected health information held by HMH. Prepares and presents reports to management.
  • Reviews IT, operational and business risks, functions and activities, and evaluates operational environment in order to determine and recommend nature, scope, direction and thrust of proposed audits. Designs audit procedures to execute the annual audit plan, assess controls and to meet audit objectives. 
  • Perform periodic information risk assessments and audits to ensure that information systems are adequately protected to meet all appropriate requirements. Completes annually a HIPAA Security Risk Assessment (SRA).
  • Serves as departmental and company liaison for internal management, external auditors, external audit subjects and business associates
  • Tracks, analyzes, and reports on relevant data and metrics as required. Develops, recommends and assures the implementation of corrective actions or process improvements based on monitoring results or audit findings. 
  • Recommends revisions to audit procedures to enhance efficiencies. Reviews internal controls throughout the company by evaluating the adequacy of system controls and recommends improvements.
  • Assures ongoing compliance with PCI DSS standards. Leads or participates in teams implementing standards, including assisting the external assessor with planning and execution. 
  • Manages the HMH privacy program including the development, implementation, maintenance of, and adherence to the organization's policies and procedures regarding data security.
  • Maintains accurate security and privacy related files.
  • Serves as a subject matter expert on privacy and security matters, including key internal controls, procedures, and workflows. Leads and participates in teams. Works independently and across teams, or across entities, to collect, distribute or implement important information on processes, procedures, and guidelines.

Qualifications

Education, Knowledge, Skills and Abilities Required:

  • Bachelor's degree required (Computer Science, Management Information Systems or a related discipline preferred)
  • Additional significant and relevant technical experience meeting the job description may be substituted for degree requirements.
  • Minimum 5 years of relevant experience.

Education, Knowledge, Skills and Abilities Preferred:

  • Basic understanding of rules and regulations pertaining to IT regulatory compliance requirements and standards such as HIPAA and HITECH. 
  • Competency in Epic and/or PeopleSoft security environment.

Licenses and Certifications Preferred:

  • Certified Information Systems Auditor or Certified Information Systems Security Professional (CISSP).

If you feel that the above description speaks directly to your strengths and capabilities, then please apply today!

Our Network

Hackensack Meridian Health (HMH) is a Mandatory COVID-19 and Influenza Vaccination Facility

As a courtesy to assist you in your job search, we would like to send your resume to other areas of our Hackensack Meridian Health network who may have current openings that fit your skills and experience.